IDS mailing list archives
Re: IDS data sets
From: Roberto Perdisci <roberto.perdisci () gmail com>
Date: Wed, 2 Mar 2005 09:54:57 +0100
On Mon, 21 Feb 2005 16:11:31 +0100, Stefano Zanero <zanero () elet polimi it> wrote:
Hallo Salim,

I am a newbie to the forum. I am looking for some pointers as far as techniques/tools used in analyzing IDS data published by MIT & DARPA (http://www.ll.mit.edu/IST/ideval/).

The data are intended for IDS evaluation, thus you can analyze them with any IDS / Network traffic analysis tool (as far as the TCPDump logs are concerned) or with a BSM auditing tool for the rest of them.

Hallo all,

To the best of my knowledge, the MIT-DARPA dataset is the most recent and valid dataset created in order to test the performance of IDSs. For this reason, despite being 5 years old, it is currently considered the point of reference in the research field. Nevertheless, some authors have attempted to use data collected during hackers' contests like DEFCON. You can find an example of this in "Fusing heterogeneous alert streams into scenarios", Dain & Cunningham, ACM CCS 2001.

Roberto